Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
Mozilla Gets A Phishing FixMozilla Gets A Phishing Fix
Thunderbird, Mozilla's open-source messaging client, hasn't yet won the same giant-killing reputation as its older sibling, Firefox. Recently, a group of developers checked a <a href="http://www.mozillazine.org/talkback.html?article=5939">new feature</a> into the Thunderbird code tree that demonstrates how it could, like Firefox, hit the big time by attracting users who are tired of having their pockets picked every time they go online.
2 Min Read
Thunderbird, Mozilla's open-source messaging client, hasn't yet won the same giant-killing reputation as its older sibling, Firefox. Recently, a group of developers checked a new feature into the Thunderbird code tree that demonstrates how it could, like Firefox, hit the big time by attracting users who are tired of having their pockets picked every time they go online.
The feature is a simple but promising phishing detector. Some of the most common phishing scams involve HTML email that displays one URL in the message body but actually takes the user to a different site--one where the scam artist quickly relieves victims of their privacy, their money, or both. The current version of the feature, which is available in some Thunderbird development builds, works when the email body text displays one URL, but the actual URL uses an IP address or a different domain name. If the user clicks on a suspicious link, Thunderbird displays a warning and asks the user for a confirmation before allowing a Web browser to open the link.
This is the developers' first stab at implementing the feature, and as they admit, there's plenty of room for improvement before it appears in a production release. But it's a wonderful idea, and it would be great to see this or something like it implemented in Thunderbird 1.1.
As for the other email clients on the market today, especially Microsoft Outlook, the Thunderbird contributors' work begs the question: Why hasn't anyone else thought of this? Outlook already makes Internet Explorer look like Fort Knox; if the Thunderbird development community keeps thinking like this, it might give more Outlook users--or at least the ones not at the mercy of a corporate IT department--a good reason to switch.
Update (Jan.24, 22:26): One of my colleagues, Don St. John, alerted me to an email client with a working anti-phishing feature. Eudora 6.2 opens a pop-up warning when a user mouses over a suspicious link, and the software requires a confirmation before opening a phishy link. If anyone else knows of products with similar features, let me know, and I'll add them to the list.
About the Author
You May Also Like
More Insights
